Authentication

Gotransverse requires an X-Api-Key header parameter submitted in the HTTP request to authenticate the user account and confirm authorized access to the API set.

The following is an example of an X-Api-Key header parameter:

Copy

 -H  "X-Api-Key: 0ccf992053f84aec9ce626517scf85e3"

When using a tool like Postman, set the Authorization Type to No Auth, as the authorization is included when authenticating via X-Api-Key.

The X-Api-Key (API key) header value must be associated with a user account that meets the following conditions to make a successful API call:

The user account is enabled.
The API key is granted access to the appropriate API set.

Users can generate their own API key in the Gotransverse UI. Refer to User API Key Management in the Gotransverse Help Site.

Failed authentication will produce an error message, for example:

401: "Authorization header not found" — The X-Api-Key header was not sent as part of the request and authentication failed.
401: "User is Disabled" — The user account is not enabled and is not authorized to access the API.
401: "User account has expired" — The password for the user account has expired and the account is not enabled. Initiate a password reset from the login page to re-enable the user account.
401: "User account is locked" — The user account is locked and is not authorized to access the API.
403: "Access Denied" — The API key for the user account does not have the specified API set selected. For example, an X-Api-Key with only the Dunning API set assigned is not authorized to make an API call to the Revenue Management API.
403: "Access to this API has been disallowed" —The X-Api-Key is invalid or not associated with a user account.

Call Gotransverse Technical Support to confirm that your user account is enabled and authorized to access the API. Additionally, you can request an X-Api-Key be created for your user account.

Topic Updated: 4/2025.